BLACKBRICK SYSTEMS Back to home
BlackBrick Systems

Privacy Policy

Sole trader business based in the United Kingdom // Contact: [email protected]

1. Introduction

BlackBrick Systems is a United Kingdom-based sole trader business providing AI automation, AI receptionist, missed-call text-back, SMS follow-up, website, chatbot, CRM, lead generation, and related digital services for home service businesses, including businesses operating in the United States.

This Privacy Policy explains how BlackBrick Systems (“BlackBrick Systems,” “we,” “us,” or “our”) collects, uses, stores, shares, and protects personal information when you visit our website, contact us, become a client, interact with our services, or communicate through systems that we help design, manage, or operate.

We are committed to handling personal information responsibly, lawfully, transparently, and securely. This Privacy Policy is intended to reflect broad international privacy best practices, including the UK GDPR, EU GDPR where applicable, and relevant US privacy principles.

Questions about this Privacy Policy or how we handle personal information?
Email: [email protected]

2. Important Role Clarification

Depending on the circumstances, BlackBrick Systems may act as either a data controller or a data processor/service provider.

When We Act as a Controller

We act as a controller when we decide how and why personal information is used, such as when we collect information from:

  • Visitors to our website;
  • Prospective clients who contact us;
  • Business owners or representatives we contact;
  • Clients during onboarding, billing, support, and account management.

When We Act as a Processor or Service Provider

We usually act as a processor or service provider when we process personal information on behalf of our clients, such as information relating to a client’s customers, leads, callers, website visitors, SMS contacts, or CRM records.

In those cases, our client is generally responsible for deciding the lawful basis for processing, providing any required privacy notices, obtaining any required consents, and complying with laws that apply to their own customers and marketing activities. This includes, where applicable, laws relating to call recording, SMS marketing, email marketing, AI-assisted communications, telemarketing, and customer consent.

3. Information We Collect

We may collect different categories of personal information depending on how you interact with us.

A. Information From Website Visitors and Prospective Clients

  • Name;
  • Email address;
  • Phone number;
  • Company name;
  • Information submitted through contact forms;
  • Messages, enquiries, or other communications;
  • IP address;
  • Device and browser information;
  • Website usage data;
  • Cookie and analytics data;
  • Marketing and advertising interaction data.

B. Information From Clients

When a business becomes a client, we may collect business name; owner, manager, or representative name; business email address; business phone number; billing and payment information; login credentials or access details provided to us; CRM data; customer lists; lead data; website form data; campaign information; business workflow information; support communications; and information needed to configure AI receptionists, SMS follow-up, chatbots, automations, websites, CRM systems, and related services.

C. Information About Our Clients’ Customers or Leads

When providing services to clients, we may process information relating to their customers, leads, callers, website visitors, or contacts, including names, phone numbers, email addresses, appointment details, messages, call recordings, call transcripts, voicemails, SMS messages, website chat messages, service addresses, booking details, CRM notes, lead source information, and other information provided during calls, chats, forms, emails, or SMS communications.

D. Information From Calls, Voicemails, SMS, Chat, and AI Systems

Where relevant to the services we provide, we may process incoming and outgoing call data, call recordings, call summaries, transcripts, voicemails, SMS messages, chatbot conversations, AI-generated responses, and conversation metadata such as time, date, duration, phone number, and routing information. These may be used to provide the service, review performance, improve workflows, troubleshoot issues, train staff or contractors, improve client campaigns, and help clients respond to enquiries.

E. Sensitive Information

Our services are not designed to collect sensitive personal information, such as health information, financial account details, government identification numbers, children’s data, religious beliefs, political opinions, or similar sensitive categories. Clients and users should not intentionally submit sensitive personal information unless it is necessary and lawful to do so. If sensitive information is submitted unintentionally through a call, message, form, or AI system, we will handle it according to this Privacy Policy, our client instructions, and applicable law.

4. How We Collect Information

We may collect personal information directly from you when you contact us; through website forms; through calls, emails, SMS, chat, or other communications; through client onboarding; through CRM systems; through AI receptionist, chatbot, call, SMS, and automation tools; through cookies and analytics technologies; from clients who provide customer, lead, or business data to us; from publicly available business sources where lawful; and from third-party platforms used to deliver our services.

5. How We Use Personal Information

We may use personal information to:

  • Provide our services;
  • Respond to enquiries;
  • Onboard and manage clients;
  • Build, configure, and maintain websites, chatbots, automations, AI receptionists, CRM systems, and follow-up campaigns;
  • Process calls, voicemails, transcripts, SMS messages, forms, and chat messages;
  • Help clients capture, manage, and respond to leads;
  • Send service-related communications;
  • Provide support and troubleshooting;
  • Process payments and maintain business records;
  • Improve service performance and reliability;
  • Monitor and analyse website and campaign performance;
  • Run marketing, retargeting, and advertising campaigns;
  • Contact business owners or representatives about our services where lawful;
  • Prevent fraud, misuse, security incidents, or unlawful activity;
  • Comply with legal, regulatory, tax, accounting, and contractual obligations;
  • Enforce our agreements and protect our legal rights.

6. AI-Specific Data Handling

BlackBrick Systems provides services that may involve artificial intelligence, automation, voice AI, chatbots, SMS automation, call handling, and AI-generated responses. We may use third-party AI providers and related tools, including but not limited to OpenAI; Anthropic/Claude; Google Gemini; GoHighLevel AI; Bland AI; Vapi; Retell AI; ElevenLabs; and other AI, voice, automation, CRM, or communication tools used to provide our services.

A. AI Inputs and Outputs

Information submitted through calls, SMS, chat, forms, CRM systems, or other workflows may be sent to AI providers or automation tools to generate responses, summaries, transcripts, classifications, routing decisions, appointment details, follow-up messages, or similar service outputs.

B. No Training of Our Own AI Models

We do not use client data or client customer data to train our own AI models.

C. Third-Party AI Providers

Some third-party AI providers may process data according to their own terms, privacy policies, data processing agreements, enterprise settings, or service configurations. Where available and appropriate, we aim to use settings that limit unnecessary data retention or model training by third-party providers.

D. Accuracy of AI Outputs

AI-generated outputs may be incomplete, inaccurate, delayed, or inappropriate in some circumstances. AI systems should not be treated as a substitute for human judgement, professional advice, emergency assistance, or legally required human review. Clients are responsible for reviewing and supervising how AI systems are configured and used in their business.

E. Automated Communications

Some AI or automation systems may send responses automatically, including by SMS, chat, email, or voice. These systems are not intended to make decisions that produce legal or similarly significant effects on individuals. BlackBrick Systems does not knowingly use AI systems to automatically approve, reject, price, score, or otherwise make legally significant decisions about individuals.

7. Lawful Bases for Processing

Where UK GDPR, EU GDPR, or similar laws apply, we rely on one or more lawful bases for processing personal information, including:

  • Contract: where processing is necessary to provide services or take steps before entering into a contract;
  • Legitimate interests: where processing is necessary for our business interests or our clients’ business interests, provided those interests are not overridden by individual rights;
  • Consent: where consent is required, such as for certain cookies, marketing, call recording, SMS, or electronic communications;
  • Legal obligation: where processing is necessary to comply with applicable laws, tax rules, accounting obligations, or legal requests;
  • Vital interests or public interest: only where applicable and legally justified.

Where we process personal information on behalf of a client, the client is responsible for identifying and maintaining the appropriate lawful basis for their own processing activities.

8. Client Responsibilities

Clients using our services are responsible for ensuring that their own use of our services complies with applicable laws. This includes responsibility for:

  • Providing appropriate privacy notices to their customers, leads, website visitors, and callers;
  • Obtaining any legally required consent for SMS, calls, marketing, AI communications, and call recording;
  • Complying with applicable US federal and state laws, including laws relating to telemarketing, SMS marketing, email marketing, call recording, consumer protection, and privacy;
  • Ensuring customer contact data has been collected lawfully;
  • Ensuring customer lists, CRM records, and lead data are accurate and lawfully usable;
  • Honouring opt-out, unsubscribe, do-not-call, and deletion requests;
  • Reviewing AI-generated responses where appropriate;
  • Ensuring AI and automation systems are suitable for their intended use;
  • Avoiding submission of sensitive or unlawful information into our systems.

BlackBrick Systems is not responsible for a client’s unlawful use of customer data, failure to obtain required consent, failure to provide legally required notices, or misuse of AI or automation systems.

9. Cookies, Analytics, and Tracking Technologies

Our website may use cookies, pixels, tags, scripts, and similar technologies to operate the website, analyse performance, improve user experience, and support advertising or retargeting. These technologies may collect information such as IP address, browser type, device type, pages visited, time spent on the website, referring website, interactions with forms, ads, or website content, and approximate location based on IP address.

We may use tools such as Google Analytics, Google Tag Manager, Meta Pixel, Hotjar, Microsoft Clarity, and similar analytics, advertising, and performance tools. Where required by law, we will request consent before using non-essential cookies or tracking technologies. You can usually control cookies through your browser settings. Some features of our website may not function properly if cookies are disabled.

10. Marketing Communications

We may use personal information to send marketing communications about our services where lawful. You may opt out of marketing emails or SMS messages at any time by using the unsubscribe link, replying with an opt-out instruction where available, or contacting us at [email protected]. If you opt out of marketing, we may still send service-related, transactional, legal, or administrative communications where permitted by law.

11. Payments and Billing

We may collect or process billing-related information to invoice clients and receive payment. Payments may be processed through Stripe, bank transfer, or other payment or accounting systems used in the ordinary course of business. We do not intentionally store full payment card details on our own systems. Payment processors may process payment information according to their own privacy policies and security practices.

12. Third-Party Service Providers

We may share personal information with trusted third-party service providers where necessary to operate our business and provide our services. These may include AI providers, voice AI providers, CRM platforms, automation platforms, website hosting providers, website builders, analytics providers, advertising platforms, SMS and communication providers, email and productivity tools, payment processors, cloud storage providers, contractors or technical support providers, and legal, accounting, tax, or professional advisers.

Current or likely service providers include GoHighLevel, Twilio, WhatsApp Business, Gmail, Google Workspace, Slack, Stripe, OpenAI, Anthropic/Claude, Google Gemini, Bland AI, Vapi, Retell AI, ElevenLabs, Google Analytics, Google Tag Manager, Meta Pixel, Hotjar, and Microsoft Clarity. We only share personal information where we have a business, contractual, legal, or operational reason to do so.

13. Legal and Professional Disclosure

We may disclose personal information where necessary to comply with applicable law; respond to lawful requests from authorities; enforce our agreements; protect our rights, property, security, or business interests; prevent fraud, abuse, or unlawful activity; obtain legal, accounting, tax, insurance, or professional advice; or resolve disputes.

14. No Sale of Personal Information

We do not sell personal information. We do not knowingly sell or share personal information for cross-context behavioural advertising in a way that would require a “Do Not Sell or Share My Personal Information” link under applicable California privacy laws.

However, our use of analytics, pixels, cookies, advertising tools, or retargeting technologies may be considered “sharing,” “targeted advertising,” or similar activity under some privacy laws. Where required, we will provide appropriate notice and opt-out choices.

15. International Data Transfers

BlackBrick Systems is based in the United Kingdom, but we may work with clients, service providers, platforms, and technology vendors located in other countries, including the United States. As a result, personal information may be transferred to, stored in, or processed in countries outside the UK, European Economic Area, or the country where the individual is located.

Where required by applicable law, we take steps intended to protect international transfers, such as using appropriate contractual safeguards, data processing agreements, standard contractual clauses, UK international data transfer arrangements, supplier due diligence, and other lawful transfer mechanisms.

16. Data Retention

We retain personal information only for as long as necessary to provide services, comply with legal obligations, resolve disputes, enforce agreements, maintain records, and protect our legitimate business interests. Retention periods may vary depending on the type of information, the service provided, client instructions, legal requirements, platform settings, and operational needs.

As a general guideline: website enquiries and lead submissions may be retained for as long as needed to respond, follow up, and manage business records; client account, contract, billing, and service records may be retained for the duration of the client relationship and for a reasonable period afterwards for legal, tax, accounting, and dispute purposes; call recordings, transcripts, voicemails, SMS logs, chatbot messages, and CRM records may be retained for as long as needed to provide the service, support the client, review performance, troubleshoot issues, maintain records, or comply with legal obligations; data processed on behalf of clients may be retained according to the client’s instructions, the relevant platform settings, and our contractual obligations; and legal, tax, accounting, and financial records may be retained for the period required or permitted by applicable law.

Where personal information is no longer needed, we will delete, anonymise, or securely retain it where legally required.

17. Security

We use reasonable technical, organisational, and administrative measures designed to protect personal information from unauthorised access, loss, misuse, alteration, disclosure, or destruction. These measures may include SSL and secure website connections, secure hosting, password protection, two-factor authentication where available, limited access controls, encryption where appropriate, access restricted to authorised users, regular software updates, secure account management practices, supplier and platform security controls, and internal procedures to reduce unnecessary access to personal information.

However, no system, website, platform, AI tool, or method of transmission over the internet is completely secure. We cannot guarantee absolute security. Clients are responsible for maintaining the security of their own accounts, passwords, devices, CRM access, customer data, and staff permissions.

18. Access to Client Customer Data

Where we process customer or lead data on behalf of a client, access is limited to those who need it to provide, support, or maintain the service. Client customer data may be accessible to the relevant client, authorised BlackBrick Systems personnel or contractors, relevant service providers, and platforms used to deliver the service. Clients are responsible for managing who within their own business can access their customer data.

19. Your Privacy Rights

Depending on your location and applicable law, you may have rights in relation to your personal information, including the right to:

  • Request access to your personal information;
  • Request correction of inaccurate or incomplete information;
  • Request deletion of your information;
  • Request restriction of processing;
  • Object to certain processing;
  • Request data portability;
  • Withdraw consent where processing is based on consent;
  • Opt out of certain marketing communications;
  • Opt out of certain cookies, tracking, targeted advertising, or similar activities where applicable;
  • Lodge a complaint with a data protection authority.

To exercise privacy rights, contact us at [email protected]. We may need to verify your identity before responding to a request. In some cases, we may not be able to fulfil a request fully, for example where we need to retain information for legal, contractual, security, accounting, or legitimate business reasons. If your request relates to personal information processed on behalf of one of our clients, we may refer your request to that client or act on their lawful instructions.

20. UK and EEA Rights

If UK GDPR or EU GDPR applies, you may have rights under applicable data protection law. You may also have the right to lodge a complaint with the relevant data protection authority. For the United Kingdom, the relevant supervisory authority is the Information Commissioner’s Office. We encourage you to contact us first so we can try to resolve your concern.

21. California and US State Privacy Rights

Some US state privacy laws may provide residents with additional rights, including rights to know, access, correct, delete, opt out, or limit certain uses of personal information. BlackBrick Systems does not sell personal information. Where applicable, you may have the right to opt out of certain uses of cookies, targeted advertising, profiling, or sharing of personal information. To make a privacy request, contact [email protected]. We will respond to applicable requests in accordance with relevant law.

22. Children’s Privacy

Our services are not intended for children. We do not knowingly collect personal information from children under 13, under 16, or under 18, depending on the applicable legal standard. If we become aware that we have collected personal information from a child without appropriate consent, we will take reasonable steps to delete it.

23. Call Recording, SMS, and Communication Consent

Some services may involve calls, voicemails, SMS, chat, email, AI-generated responses, or automated follow-up. Clients are responsible for ensuring they have any required consent, notice, or lawful basis to record calls; transcribe calls; send SMS messages; send marketing or follow-up communications; use AI or automated communication systems; contact leads or customers; store customer conversations in CRM systems; and use customer data for appointment booking, follow-up, or lead management.

Laws relating to call recording, SMS, telemarketing, and AI communications can vary by country, state, and situation. Clients should obtain their own legal advice before using these features.

24. Do Not Submit Unlawful or Sensitive Data

Users and clients must not submit personal information that they are not authorised to provide. Clients must not upload, import, transmit, or otherwise provide personal information to BlackBrick Systems unless they have a lawful basis and all required permissions, notices, or consents. Clients must not use our services to send spam, unlawful marketing, deceptive communications, or messages that violate applicable laws, platform rules, or third-party terms.

25. Links to Other Websites

Our website or services may contain links to third-party websites, platforms, tools, or services. We are not responsible for the privacy practices, security, content, or policies of third-party websites or platforms. You should review their privacy policies before providing personal information to them.

26. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our services, technology, legal obligations, or business practices. When we update this Privacy Policy, the revised version will be posted on our website or otherwise made available. Your continued use of our website or services after an updated Privacy Policy is posted means you acknowledge the updated policy.

27. Contact Us

If you have questions, concerns, or requests relating to this Privacy Policy or how personal information is handled, contact us at:

BlackBrick Systems
United Kingdom
Email: [email protected]